Detection or prevention of online fraud is difficult in part because different modes of abuse present different patterns of activity. An online social network may be a fruitful environment for such fraud of varied purpose. For example email list washing, or other webpage scraping to harvest demographic data, may have an activity pattern that includes little or no social connecting with other users, but lots of webpage views. Whereas phishing, or other socially engineered scam, may have an opposite activity pattern with lots of social connecting and few webpage views.
Third party whitelists and blacklists may help characterize IP addresses to some extent. However, automatic detection of an IP address that is involved with an abusive campaign is a topic of ongoing research.